84 SLCERT maintains a good rapport with government and private
establishments, and extends assistance to the general public.
2 Activities Operations
2.1 Incident Handling Statistics
Incidents reported to SLCERT increased up to 69 in the year 2009. This is a major hike in the number of incidents reported compared to the 49 incidences
reported in 2008. The following chart depicts the distribution of various types of incidents reported to SLCERT. All the incidents reported to SLCERT have
been resolved satisfactorily.
Distribution of Incidents Reported to SLCERT
Phishing 14
Scam s 16
HateThreat Mail 12
Malw are 17
Defacem ents 22
Unauthorized Access 5
AbusePrivacy 14
The following graph depicts the increase in the number of incidents since the inception of SLCERT in mid-2006.
85
2.2 Computer Crime Statistics
Sri Lankan Government introduced a new act titled Computer Crimes Act in 2007 to curb electronic crimes in Sri Lanka. The following graph depicts the
number of computer crime related offences reported to Sri Lankan law enforcement agencies in year 2009.
2.3 New services 2.3.1 Behavioral Analysis of Malware
SLCERT started work on behavioral analysis of malware in the first quarter of year 2008 in order to provide better recovery procedures for affected
constituents. In the year 2009 SLCERT received a number of malware samples from government institutions for analysis. SLCERT has now
acquired lab equipment to analyses malware in standard environments.
2.3.2 Digital Forensics
The Computer Crimes Act of 2007 enabled the law enforcement officers to obtain the technical expertise of recognized information security
professionals and organizations to extract and present digital evidence in court. Accordingly, SLCERT has assisted Sri Lankan law enforcement
agencies in carrying out forensic investigations.
2.3.3 Penetration Testing
86 There were some major attacks on critical information systems in Sri Lanka
during 2008. As a proactive measure SLCERT has been assigned the task of carrying out vulnerability assessments and penetration tests for some major
information systems. SLCERT started this service during the fourth quarter of 2008.
3 Events organized co-organized
3.1 Training Education
SLCERT organizes training programs and education sessions targeting various audiences including CIOs, Engineers, System Administrators,
Banking and telecom sector staff, Students, and general public. During the year 2009 SLCERT conducted the following training, education
programs successfully: 1. Lecture on “Information Security” for MBA students
2. Conference on Information Security for CIO’s of Government Departments 3. Participated in a number of IT exhibitions by taking stalls with a view to
educating the general public on IT Security
3.2 Consultancy
SLCERT provides consultancy services for requests, especially for government departments.
During the year 2009, the following consultancy services were provided: 1. Network reviews for 6 government departments
2. Forensics investigation support for Law enforcement 3. Setting up a CA server for a government department
4. Initiated the implementation of a new computer forensics laboratory for Police Department
3.3 Seminars Workshops